Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Ahg3mr-Im1Ped_mqY-z0vLT9krc.roa
File: Ahg3mr-Im1Ped_mqY-z0vLT9krc.roa (raw, json)
Hash identifier: C8Mee1VHmUAoRUp8ktdBSpG5yndzG9w5T4W4JgPh1/c=
Subject key identifier: 02:18:37:9A:BF:88:9B:53:DE:77:F9:AA:63:EC:F4:BC:B4:FD:92:B7
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 01983174A8EEFF1524B38F710FB5B4160CA2
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Ahg3mr-Im1Ped_mqY-z0vLT9krc.roa
Signing time: Tue 22 Jul 2025 09:26:25 +0000
ROA not before: Tue 22 Jul 2025 09:26:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205090
IP address blocks: 91.200.13.0/24 maxlen: 24
95.81.121.0/24 maxlen: 24
103.71.20.0/24 maxlen: 24
103.71.21.0/24 maxlen: 24
109.69.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:74:a8:ee:ff:15:24:b3:8f:71:0f:b5:b4:16:0c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Jul 22 09:26:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0218379abf889b53de77f9aa63ecf4bcb4fd92b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:88:69:04:94:f5:1d:0c:51:2a:ab:33:68:55:
0e:d3:d7:78:3f:9b:78:a5:31:2d:dc:09:26:b6:cf:
ee:0b:ab:41:57:7c:b5:cd:29:41:e4:8b:b3:ff:65:
62:02:e8:51:a8:d9:3c:ad:bb:6d:65:74:e1:f3:5d:
39:ba:a2:fc:fd:ac:c2:13:3b:2f:07:c0:49:6f:a1:
c7:5b:bf:55:fc:cf:11:cf:32:2e:36:14:0d:05:96:
67:07:71:f8:8b:6a:4c:16:1d:06:70:7c:09:24:4e:
40:a8:98:eb:4f:94:68:4f:a6:6b:b0:df:da:62:b2:
35:fe:d8:45:2b:00:be:ab:50:23:52:49:a4:26:e2:
8e:72:5f:40:02:47:ea:31:d8:0a:dc:3a:8b:78:9b:
13:6a:b4:07:38:1d:1f:1f:01:8a:90:12:91:2b:82:
54:9c:4f:92:e5:c9:5c:d6:34:71:f3:56:b3:b2:b5:
a6:2e:b5:d5:c8:3f:20:f0:be:ec:b8:44:d4:bb:64:
03:ec:f1:ca:7c:6b:c8:d0:16:aa:fd:e7:12:81:c1:
14:75:b9:2f:8d:77:41:e7:ca:43:5d:36:3f:d8:5b:
6f:ed:c3:84:64:f1:16:08:55:69:38:d9:79:3a:01:
d1:b0:ac:85:fc:d5:08:d4:94:ab:26:d7:f3:9b:40:
dc:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:18:37:9A:BF:88:9B:53:DE:77:F9:AA:63:EC:F4:BC:B4:FD:92:B7
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Ahg3mr-Im1Ped_mqY-z0vLT9krc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.13.0/24
95.81.121.0/24
103.71.20.0/23
109.69.62.0/24
Signature Algorithm: sha256WithRSAEncryption
62:85:27:51:5b:a2:85:e9:a2:2f:74:47:52:97:63:37:38:78:
60:64:c2:77:b6:6d:59:65:13:af:5a:9e:db:f0:79:70:cc:31:
3a:9f:6f:d3:a7:7c:27:62:2d:8b:05:bb:e9:14:ae:96:ed:6b:
ef:43:25:17:7f:a5:d5:12:83:a7:00:14:9c:0e:e8:41:67:60:
8f:18:c8:41:cd:4f:1a:21:cb:61:2c:72:f7:37:32:66:a7:1b:
f2:40:2d:cb:6a:09:0a:19:88:e4:66:10:93:41:0c:b3:70:d4:
5d:2b:07:7b:ce:f5:0c:1c:b6:2c:08:01:5f:88:c9:10:91:60:
9b:95:35:da:70:02:1b:e8:ce:b5:d7:03:59:5c:3e:38:a5:3e:
91:7b:4b:74:cb:82:7d:ac:32:63:93:85:27:ee:01:13:a4:9e:
1f:b3:9e:4e:8f:d8:eb:bd:fa:39:03:b5:b3:50:32:00:ca:3a:
2d:56:52:2c:9e:e5:57:85:5d:ea:86:3a:07:73:cf:2f:74:53:
6d:2d:50:ef:48:40:8a:b8:00:46:d5:eb:50:9e:e4:f2:01:d6:
c1:46:a6:4d:75:89:f3:0f:3d:78:c5:7c:69:ad:e2:dc:4f:5e:
d7:dc:fe:0b:1e:c1:79:6c:35:2e:d3:fd:47:d9:a6:24:8d:a4:
28:ca:78:38
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgxdKju/xUks49xD7W0FgyiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwNzIyMDkyNjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjE4Mzc5YWJmODg5YjUzZGU3N2Y5YWE2M2VjZjRiY2I0ZmQ5MmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIhpBJT1HQxRKqszaFUO09d4P5t4
pTEt3Akmts/uC6tBV3y1zSlB5Iuz/2ViAuhRqNk8rbttZXTh8105uqL8/azCEzsv
B8BJb6HHW79V/M8RzzIuNhQNBZZnB3H4i2pMFh0GcHwJJE5AqJjrT5RoT6ZrsN/a
YrI1/thFKwC+q1AjUkmkJuKOcl9AAkfqMdgK3DqLeJsTarQHOB0fHwGKkBKRK4JU
nE+S5clc1jRx81azsrWmLrXVyD8g8L7suETUu2QD7PHKfGvI0Baq/ecSgcEUdbkv
jXdB58pDXTY/2Ftv7cOEZPEWCFVpONl5OgHRsKyF/NUI1JSrJtfzm0DcvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAIYN5q/iJtT3nf5qmPs9Ly0/ZK3MB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvQWhnM21yLUltMVBlZF9tcVktejB2TFQ5a3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8gNAwQA
X1F5AwQBZ0cUAwQAbUU+MA0GCSqGSIb3DQEBCwUAA4IBAQBihSdRW6KF6aIvdEdS
l2M3OHhgZMJ3tm1ZZROvWp7b8HlwzDE6n2/Tp3wnYi2LBbvpFK6W7WvvQyUXf6XV
EoOnABScDuhBZ2CPGMhBzU8aIcthLHL3NzJmpxvyQC3LagkKGYjkZhCTQQyzcNRd
Kwd7zvUMHLYsCAFfiMkQkWCblTXacAIb6M611wNZXD44pT6Re0t0y4J9rDJjk4Un
7gETpJ4fs55Oj9jrvfo5A7WzUDIAyjotVlIsnuVXhV3qhjoHc88vdFNtLVDvSECK
uABG1etQnuTyAdbBRqZNdYnzDz14xXxpreLcT17X3P4LHsF5bDUu0/1H2aYkjaQo
yng4
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:06:19 2025 by rpki-client